So I was interested in Lemmy, I checked Privacy policies of multiple instances; so far I cannot find any instance which doesn't collect IP address at all; many instances dont even provide any info about what data they are collection (however they are using cookies so I assume they will be logging IPs too). I found some instances that say they delete IP address logs after 12 months, these are :
- linux.community
- endlesstalk.org
- lemmy.one
If anyone knows any other instance with similar or better policy for the user, kindly comment because I took quite a time to read through the "Legal" section of the instances.
Also, I find it odd that lemmy instances are storing 12 months, many firefish instances store IP addresses for 90 days
If you have an account and a session you have a cookie or some other sort of "tracking" to know you're logged in.
I put it in quotes because the tracking via cookies people is usually worried about is the one used to identify and use your behaviour, but tracking if you're logged in or not is usually fine.
As for the IP logging, I'm not sure but AFAIK IP addresses given by ISPs are dynamic, so every now and then you'll have a new IP anyways.
If you're sill paranoid, why not use a VPN or a proxy?
Still, those services can track your original IP so we end up in the beginning and we need to go into another rabbit hole.
Again the same as with the cookie, usually the problem with IP logging is if it's to identify your behaviour and aggregate it to sell it in some way, but the one done by software like lemmy is to prevent spammers and bad actors, so it's a necessary evil.
You're right tho, 12 months of IP log is a lot, not sure where you read that, I haven't looked at all the code in lemmy to know how easy is to identify the IPs of each user.